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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1704(b). 

Status 

1 )I3 Responsive to communication(s) filed on 10 January 2005 . 
2a)[3 This action is FINAL. 2b)d This action is non-final. 

3) d Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) |3 Claim(s) 1-50 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) d Claim(s) is/are allowed. 

6) M Claim(s) 1-50 is/are rejected. 

7) d Claim(s) is/are objected to. 

8) d Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) d The specification is objected to by the Examiner. 

10) 13 The drawing(s) filed on 15 December 2000 is/are: a)D accepted or b)S objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

11) d The proposed drawing correction filed on is; a)d approved b)d disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) d The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§ 119 and 120 

13) d Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)d All b)d Some * c)d None of: 

1 .□ Certified copies of the priority documents have been received. 

2. d Certified copies of the priority documents have been received in Application No. . 

3. d Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) d Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 119(e) (to a provisional application). 

a) □ The translation of the foreign language provisional application has been received. 

15) d Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 . 

Attachment(s) 

1 ) Notice of References Cited (PTO-892) 4) d Interview Summary (PTO-41 3) Paper No(s). . 

2) d Notice of Drafts person's Patent Drawing Review (PTO-948) 5) d Notice of Informal Patent Application (PTO-152) 

3) d Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) d Other: 
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DETAILED ACTION 

Response to Arguments 

1. In response to communications filed on 1/10/2005, applicant amends claims 1, 13, 24, 
and 33, and claim 8, which was missing has been added. The following claims 1-50 are 
presented for examination. 

2. In response to communications filed on 1/10/2005, the amendment to the specification 
has been considered and the objection has been withdrawn. Applicant mentions that a set of 
formal drawings will be mailed separately from the response, which is being faxed. However, no 
corrected drawings have been received as yet, therefore the objection to the drawings has not 
been overcome. 

3. Applicant's remarks, pages 18-31, filed on 1/10/2005, with respect to the rejection of 
claims 1-50 have been fully considered but they are moot in view of the new ground(s) of 
rejection. The amendments to some of the independent claims replacing the reception software 
to the request implementation software and the addition of new claim 8 have been considered. 
Applicant has changed the scope of the invention in view of the amended claims, and a new 
ground of rejection has been made in view of new references as discussed below. 



Drawings 
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4. Figure 3 is objected to as failing to comply with 37 CFR 1 .84(p)(5) because it does not 
include reference numbers (300), (312) and (330) in the description on p. 17, line 18 and 27; 
page 17, line 25; and page 19, line 19 respectively. Appropriate correction is required. 

Figure 3 is objected to as failing to comply with 37 CFR 1.84(p)(5) because it includes 
the reference sign: 322 not mentioned in the description. Appropriate correction is required. 

4. 1 Figure 4 is objected to as failing to comply with 37 CFR 1.84(p)(5) because it does not 
include reference numbers (400) in the description on p. 22, line 12. Appropriate correction is 
required. 

Figure 4 is also objected to as failing to comply with 37 CFR L84(p)(5) because it 
includes the reference sign: 446 not mentioned in the description. Appropriate correction is 
required. 

Applicant is required to carefully review the application to correct such errors. 

A proposed drawing correction, corrected drawings, or amendment to the specification to 
add the reference sign(s) in the description, are required in reply to the Office action to avoid 
abandonment of the application. The objection to the drawings will not be held in abeyance. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S. C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another 
filed in the United States before the invention thereof by the applicant for patent, or on an 
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international application by another who has fulfilled the requirements of paragraphs (1), 
(2), and (4) of section 371(c) of this title before the invention thereof by the applicant for 
patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35 U.S.C. 102(e)). 

5. 1 Claims 35-39 and 41-43 are rejected under 35 U.S.C. 102(e) as being anticipated by US 
Patent 6,751,735 to Schell et al. 

5.2 As per claim 35, Schell et al discloses an apparatus for implementing a public key 
infrastructure in a distributed processing system, the apparatus comprising: a plurality of 
modules communicatively coupled to one another and responsive to events generated that meet 
the recitation of a plurality of beans, the beans communicatively coupled to one another and 
responsive to events generated by the plurality of beans, for example (see column 9, lines 9-30 
and figures 5-6); and discloses a root certifier, a CMC signature root, and other entities and 
further discloses a CMC signature root that propagates events to another of the plurality of the 
modules that meets the recitation of at least one of the plurality of beans comprising a pipe bean 
that propagates an event to another of the plurality of beans, for example (see column 19, lines 1- 
10 and lines 50-67). 
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As per claim 36, Schell et al discloses a key generation module as an end module that 
meets the recitation of the at least one bean comprising a sink bean, the sink bean responsive to 
propagated events and consuming such propagated events, for example (see column 23, lines 60- 
65). 

As per claim 37, Schell et al discloses the limitation of wherein the pipe bean passes the 
event to another bean unaltered, for example (see column 26, lines 13-30). Schell et al discloses 
some modules that provide no cryptographic modification that meets the recitation of wherein 
the pipe bean passes the event to the another bean unaltered. 

As per claim 38, Schell et al discloses the limitation of the at least one bean comprising 
a bean that alters the request, for example (see column 19, lines 51-67). Schell et al also 
discloses one of the pluralities of modules verifying the certificate using a public key. In 
another embodiment, Schell et al discloses a server key generated by the key generation module 
used for wrapping secret keys used for signing certificates, before being passed to another 
module (column 23, line 49 through column 24, line 5). 

As per claim 39, Schell et al discloses the limitation of further comprising a server bean, 
the server bean responsive to requests from the distributed processing system (column 11, line 59 
through column 12, line 7 and column 14, line 54 through column 15, line 12). 
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As per claim 41, Schell et al discloses the limitation of further comprising a generation 
bean, the generation bean generating a digital certificate in response to an event, for example 
(see column 16, lines 45-56). 

As per claim 42, Schell et al discloses the limitation of the at least one bean comprising 
a bean that publishes information regarding the request, for example (see column 24, lines 8-16). 

As per claim 43, Schell et al discloses the limitation of further comprising a filter bean, 
the filter bean filtering events based upon a predetermined criteria, for example (see column 27, 
lines 15-20). 

Claim Rejections - 35 USC § 103 
6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 



Application/Control Number: 09/738,247 Page 7 

Art Unit: 2136 

6. 1 Claims 1, 3-4, 6-9, 12-13, 15-16, 18-20, 23-24, 26-27, 29-31, 34, 40, 44-50 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over US Patent 6,751,735 to Schell et al in view of 
Non-Patent Literature to Balfanz et al, "A Security Infrastructure for Distributed Java 
Applications"; Security and Privacy, 2000; S&P 2000 Proceedings; 2000 IEEE Symposium on 
14-17 May 2000; Pages: 15-26. 

6.2 As per claims 1, 3, 15, and 26, Schell et al discloses an apparatus for implementing a 
request regarding a digital certificate in a distributed processing system, the apparatus 
comprising: any subsequent entity to CMC signature root (see figure 5) that meets the recitation 
of a request implementation software that implements a response to the request regarding the 
digital certificate in response to a propagated event object, for example (see column 19, lines 58- 
67); at least one CMC signature root that meets the recitation of at least one reception bean, 
communicatively coupled to the request implementation software and the distributed processing 
system, that generates an event object in response to receiving the request to generate a digital 
certificate from the distributed processing system, for example (see column 19, lines 51-57). 
Schell et al discloses plurality of modules to generate even object (see figures 4 and 5). Schell 
et al discloses modules to instantiate in real-time but is silent about object-oriented language. 
Balfanz et al in an analogous art discloses an access control system using JAVA permission 
classes that meets the recitation of a software instantiated in a real time executable object- 
oriented language (see abstract). The advantage is that it provides a good distribution system and 
access control mechanism that requests supply credentials that lead to a proof that a request is 
valid (page 15). Therefore, it would have been obvious to one of ordinary skill in the art at the 
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time the invention was made modify the apparatus of Schell to implement reception software 
instantiated in a real time executable object-oriented language such as JAVA permission classes 
and request-response distributing system as taught by Balfanz et al. This modification would 
have been obvious because one skilled in the art would have been motivated by the suggestions 
provided by Balfanz et al so as to provide a good distribution system and access control 
mechanism that requests supply credentials that lead to a proof that a request is valid (see page 
15). 

As per claims 13 and 24, Schell et al discloses a method for implementing a request 
regarding a digital certificate in a distributed processing system, the method comprising: 
receiving the request to generate the digital certificate from the distributed processing system in 
an at least one CMC signature root that meets the recitation of at least one reception bean, for 
example (see column 19, lines 51-57); the CMC applies a signature that meets the recitation of 
generating a reception event object in response to step of receiving, for example (see column 19, 
lines 51-67); forwarding it to another entity that meets the recitation of propagating the reception 
event object, for example (see column 19, lines 51-67 and column 19, lines 1-10 and 21-29); in 
another embodiment Schell et al discloses third party software for operating selected 
cryptographic executable for an application associated with a computer (see claim 13); in another 
embodiment Schell et al discloses policy engine that can be linked with CMC to implement any 
type of filter using rules, attributes, and executables such as key generation, key usage, escrow of 
keys, etc. (see column 29, lines 20-61) that meets the recitation of selectively implementing a 
response to the request regarding the digital certificate in response to a propagated event object 
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in a request implementation software. Schell et al modules to instantiate in real-time but is silent 
about object-oriented language. Balfanz et al in an analogous art discloses a security 
infrastructure for an access control system with PKI using JAVA permission classes that meets 
the recitation of a software instantiated in a real time executable object-oriented language (see 
abstract). The advantage is that it provides a good distribution system and access control 
mechanism that requests supply credentials that lead to a proof that a request is valid (page 15). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the invention 
was made modify the apparatus of Schell to implement reception software instantiated in a real 
time executable object-oriented language such as JAVA permission classes and request-response 
distributing system as taught by Balfanz et al. This modification would have been obvious 
because one skilled in the art would have been motivated by the suggestions provided by 
Balfanz et al so as to provide a good distribution system and access control mechanism that 
requests supply credentials that lead to a proof that a request is valid (see page 15), 

As per claim 44, Schell et al discloses an apparatus for implementing a public key 
infrastructure in a distributed processing system, the apparatus comprising: a plurality of 
modules communicatively coupled to one another and responsive to events generated that meet 
the recitation of a plurality of beans, the beans communicatively coupled to one another and 
responsive to events generated by the plurality of beans, for example (see column 9, lines 9-30 
and figures 5-6); Schell et al discloses for instance executables within a policy engine that may 
be used to perform several functions that meets the recitation of respective events generated by 
the plurality of beans subclassing from a base class event, for example (see column 26, lines 1- 
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12). Java language is well known in the art as a platform that includes groups of classes and 
subclasses can be generated from base class event. Balfanz et al in an analogous art discloses a 
security infrastructure for an access control system with PKI using JAVA permission classes as 
mentioned in claim 1. Therefore, claim 44 is rejected on the same rationale as the rejection of 
claim 1 . 

As per claims 4, 16, 27, Schell et al discloses a CMC signature root that meets the 
recitation of at least one bean comprising a pipe bean, for example (see column 19, lines 1-10 
and lines 58-67). 

As per claims 6, 18, and 29, Schell et al discloses the limitation of the at least one bean 
comprising a bean that alters the request, for example (see column 19, lines 51-67). Schell et al 
also discloses one of the pluralities of modules verifying the certificate using a public key. In 
another embodiment, Schell et al discloses a server key generated by the key generation module 
used for wrapping secret keys used for signing certificates, before being passed to another 
module (column 23, line 49 through column 24, line 5). 

As per claims 7, 19, and 30, Schell et al discloses the limitation of the at least one bean 
comprising a bean that publishes information regarding the request, for example (see column 24, 
lines 8-16). 
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As per claim 8, Schell et al discloses a CMC signature root that meets the recitation of at 
least one bean comprising a pipe bean, for example (see column 19, lines 1-10 and lines 58-67) 
and also discloses an end module (152d or 152e) (see column 19, lines 22-23) that meets the 
recitation of sink bean, for example (see figure 5). 

As per claims 9, 20, and 31, Schell et al discloses a key generation module as an end 
module that meets the recitation of the at least one bean comprising a sink bean, the sink bean 
responsive to propagated events and consuming such propagated events, for example (see 
column 23, lines 60-65). 

As per claims 12, 23, and 34, Schell et al discloses the limitation of the certificate 
generation software comprising legacy software, for example (see column 28, lines 49-57). 

As per claims 45-46, the combination of Schell et al and Balfanz et al discloses the 
limitation of wherein the beans and events are written in a cross platform language, the cross 
platform language is JAVA, for example (see Balfanz et al, abstract). Therefore, they are 
rejected on the same rationale as the rejection of claim 44 above. 

As per claim 47, Schell et al discloses the limitation of the at least one bean comprising 
a bean that publishes information regarding the request, for example (see column 24, lines 8-16). 
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As per claim 48, Schell et al discloses the limitation of further comprising a generation 
bean, the generation bean generating a digital certificate in response to an event, for example 
(see column 16, lines 45-56). 

As per claim 49, Schell et al discloses the limitation of further comprising a server bean, 
the server bean responsive to requests from the distributed processing system (column 11, line 59 
through column 12, line 7 and column 14, line 54 through column 15, line 12). 

As per claims 40 and 50, Schell et al discloses the limitation of further comprising a 
client bean, the client bean responsive to events from the other beans and generating requests to 
the distributed processing system, for example (see Balfanz et al, pages 24-25, section 6). 

7. Claims 2, 5, 10, 11, 14, 17, 21, 22, 25, 28, 32, and 33 are rejected under 35 U.S.C 
103(a) as being unpatentable over US Patent 6,751,735 to Schell et al in view of Non-Patent 
Literature to Balfanz et al, "A Security Infrastructure for Distributed Java Applications"; 
Security and Privacy, 2000; S&P 2000 Proceedings; 2000 IEEE Symposium on 14-17 May 
2000; Pages: 15-26 as applied to claims 1,13, and 24 and further in view of US Patent 
Publication US 2001/0001877 to French et al 

7. 1 As per claims 2, 14, and 25, Schell et al discloses plurality of modules and discloses 
different attributes and functionalities associated with each module (column 26, lines 6-67; see 
also column 27, line 26 through column 28, line 2). Schell et al also discloses that formats may 



Application/Control Number: 09/738,247 Page 13 

Art Unit: 2136 

be governed by policy, Schell et al does not explicitly disclose that the events are generated in 
response to requests of different formats. French et al in an analogous art discloses a network 
authentication system that provides verification of identity and other attributes of a network user 
to conduct a transaction; a preprocessing stage is employed to ensure correct formatting of the 
input information. French et al discloses generating an event in response to requests of different 
formats (see page 4, paragraphs 71-75). French et al further discloses that one of the advantages 
of the preprocessing is the ability to process as much requested data as possible from separate 
data sources and to reduce false negatives due to inconsistencies of mismatched information 
applied against known data sources (see page 4, paragraphs 72-73). Therefore, it would have 
been obvious to one of ordinary skill in the art at the time the invention was made modify the 
method and apparatus as combined above to have each of the plurality of the modules disclosed 
in Schell to generate an event in response to requests of differing formats as taught by French et 
al. This modification would have been obvious because one skilled in the art would have been 
motivated by the suggestions provided by French et al so as to provide a consistent data 
formatting between the information supplied by the user and what is expected from the data 
sources and the ability to process as much requested data as possible from separate data sources 
and to reduce false negatives due to inconsistencies of mismatched information applied against 
known data sources (see page 4, paragraphs 72-73). 

As per claims 5, 17, and 28, the combination of Schell et al, Balfanz et al, and French 

et al discloses the limitation of the at least one bean comprising a bean implementing a test on 
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the request, for example (see French et al, page 4, paragraphs 076-077). Therefore, they are 
rejected on the same rationale as the rejection of claims 2, 14, and 25 above. 

As per claims 10, 21, and 32, the combination of Schell et al, Balfanz et al, and 
French et al discloses the limitation of the at least one bean comprising a client bean that 
propagates a request in a first format, for example (see French et al, pages 4, paragraphs 071- 
073). Therefore, they are rejected on the same rationale as the rejection of claims 2, 14, and 25 
above. 

As per claims 11, 22, and 33, the combination of Schell et al, Balfanz et al, and 
French et al discloses the limitation of the at least one bean comprising another client bean that 
propagates a request in a second format another client bean that propagates a request in a second 
format, for example (see French et al, pages 4, paragraphs 071-073). Therefore, they are 
rejected on the same rationale as the rejection of claims 2, 14, and 25 above. 

Conclusion 

8. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
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the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

8. 1 Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 571-272-3862. The 
examiner can normally be reached on Monday through Thursday, 8:00-6:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http: //pair-direct .uspto. go v. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



April 11, 2005 



o 

Carl Colin 



Patent Examiner 




